Recommended capture computers

Here is Riverbed's reply to my issue with their burst bandwidth report on a Dell laptop:

This is a follow-up to our phone conversation regarding the Burst Bandwidth 1ms (max and average) views in Pilot. We can see the bandwidth reported on the 1ms views seem to exceed the linkspeed, which should not be possible.

The problem is not so much a bug with Pilot as it has to do with the way time-stamping is performed when packets are received. In Windows, using a normal NIC, the OS handles time-stamping the arriving packets. Depending on what else the OS is handling, there can be some delay in the time-stamping process and several packets collected in the buffer may be recorded with the same time-stamp. When analyzed with a program like Pilot, it appears that more data was received that is physically possible.

On our specialty TurboCap capture card, when installed in a Linux box, time stamping can be made more accurate by assigning one of the CPU's processor cores the sole task of time-stamping (a driver parameter). This will result in much greater accuracy for the sub-second burst views.

It is therefore recommended to use the normal Bandwidth Over Time view when using a regular NIC in Windows when the problem is encountered. Discrepancies will be averaged out when calculating over the much longer interval (1sec vs 1ms). Another suggestion is to run Pilot on a workstation dedicated to perform captures only, all other non-essential programs or utilities should be turned off. This should help to minimize delays in performing the time stamping function.